Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.mft
File: KknhDg5wlLReuhwW-WN-HOxnvcY.mft (raw, json)
Hash identifier: CaTMHTKR499jAEZiXrQjVsklHciaEl5z7PTdL6i4mi0=
Subject key identifier: D0:07:63:71:0A:4E:B3:F9:C1:1A:A7:99:3A:E5:80:B6:5B:57:85:6E
Authority key identifier: 2A:49:E1:0E:0E:70:94:B4:5E:BA:1C:16:F9:63:7E:1C:EC:67:BD:C6
Certificate issuer: /CN=2a49e10e0e7094b45eba1c16f9637e1cec67bdc6
Certificate serial: 019D32D0956BA85CE3A372A841294453657C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KknhDg5wlLReuhwW-WN-HOxnvcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.mft
Manifest number: C3
Signing time: Sat 28 Mar 2026 05:00:23 +0000
Manifest this update: Sat 28 Mar 2026 05:00:23 +0000
Manifest next update: Sun 29 Mar 2026 05:00:23 +0000
Files and hashes: 1: KknhDg5wlLReuhwW-WN-HOxnvcY.crl (hash: u8Oi3rSsnyR9bj4n/krk+HDgmzVwuY2ZFIRVSHkAxiI=)
2: Nvkp4OHy0XjmNZcE8fX5Z-KueDQ.roa (hash: G0/QzlmRMEQtlNEZ8lhOPdNMyp6Hv4D1m4DiR2+PyZA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KknhDg5wlLReuhwW-WN-HOxnvcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:d0:95:6b:a8:5c:e3:a3:72:a8:41:29:44:53:65:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a49e10e0e7094b45eba1c16f9637e1cec67bdc6
Validity
Not Before: Mar 28 05:00:23 2026 GMT
Not After : Mar 29 05:00:23 2026 GMT
Subject: CN=d00763710a4eb3f9c11aa7993ae580b65b57856e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6f:b4:7a:e6:e4:80:6f:fd:f6:a6:a2:f4:0d:
50:1c:0b:f0:b6:d5:2b:3b:e5:f7:2f:12:9d:dc:ba:
46:7e:cd:ad:3b:13:fd:26:37:cc:06:3b:da:5b:7d:
ec:6c:9c:66:ec:a1:c1:10:b4:4c:7c:c2:cf:7e:e7:
d2:a6:a6:90:5c:ba:7f:d9:88:23:f0:23:7d:43:70:
a0:1e:da:e9:ca:8f:ab:d6:12:78:f5:ce:c4:21:13:
85:af:e1:83:e4:68:c4:fb:97:9e:07:1e:22:da:fb:
fb:36:81:62:18:00:c7:b5:9c:b8:87:8a:e3:61:05:
53:31:68:d5:33:ba:47:7f:b3:92:1d:32:6a:07:ab:
7d:49:90:e2:6b:ee:a3:d7:3f:fc:e2:a9:76:2e:7a:
94:a2:8c:52:22:c7:2a:a7:69:e8:fc:d6:75:4d:c4:
59:f5:d1:b8:5a:a4:67:a7:df:d0:2f:51:31:4b:41:
2d:ab:7d:6b:4f:6c:ba:28:21:8d:6c:85:7f:aa:92:
1a:26:36:71:93:fe:12:91:41:ed:e2:d1:be:61:5a:
c5:c9:d8:64:2a:5f:c6:2b:1b:38:d5:06:a4:ec:31:
f6:67:f2:86:e5:21:5c:d6:e8:8a:04:82:f9:a6:89:
91:2f:76:17:88:74:44:e7:0e:7a:94:15:87:f3:9e:
bd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:07:63:71:0A:4E:B3:F9:C1:1A:A7:99:3A:E5:80:B6:5B:57:85:6E
X509v3 Authority Key Identifier:
keyid:2A:49:E1:0E:0E:70:94:B4:5E:BA:1C:16:F9:63:7E:1C:EC:67:BD:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KknhDg5wlLReuhwW-WN-HOxnvcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c0be5f-f887-440d-b1ed-2d38b393b123/1/KknhDg5wlLReuhwW-WN-HOxnvcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:5a:b3:07:67:ac:1e:a7:52:e2:93:9e:64:7f:84:21:c1:5d:
53:09:4b:16:a7:b5:5b:a5:21:8b:ca:05:be:5a:aa:b0:ac:93:
3c:db:aa:04:33:2e:19:03:6d:d0:c6:c0:20:19:46:4a:4b:f0:
6d:30:bc:1d:14:e9:25:4b:5e:5d:29:5a:f9:85:58:76:4a:5c:
cb:32:f4:73:c0:b1:a6:a7:cd:69:0f:80:09:4d:09:bd:a9:f1:
8a:24:27:e0:e2:e0:a2:db:b4:7f:4b:ca:09:99:a5:e1:3c:34:
c2:43:83:1c:58:2f:fc:c1:7a:1a:f9:33:f2:8a:a7:c6:cb:7c:
0d:e1:a5:91:d6:ae:80:91:6e:db:ee:d8:a5:7f:f4:13:64:ff:
8c:85:89:ea:88:74:c2:d6:2a:ed:b4:f6:8d:80:f4:ea:2c:a4:
8f:b8:9d:ef:57:20:28:52:58:17:0d:17:7c:14:e0:44:6a:ab:
df:73:05:8d:34:b5:e4:23:72:4a:40:8d:54:8f:c3:18:08:c7:
b1:cc:31:27:9d:49:f8:cf:9f:36:1e:38:0b:b3:fd:82:68:4a:
af:72:06:dd:d8:91:6b:d6:97:5c:f6:f7:15:53:c2:50:c7:49:
16:00:4a:27:ca:cc:9f:9c:ac:92:60:8f:cf:c3:0f:f5:90:fd:
eb:9b:24:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0y0JVrqFzjo3KoQSlEU2V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDllMTBlMGU3MDk0YjQ1ZWJhMWMxNmY5NjM3ZTFjZWM2
N2JkYzYwHhcNMjYwMzI4MDUwMDIzWhcNMjYwMzI5MDUwMDIzWjAzMTEwLwYDVQQD
EyhkMDA3NjM3MTBhNGViM2Y5YzExYWE3OTkzYWU1ODBiNjViNTc4NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG+0eubkgG/99qai9A1QHAvwttUr
O+X3LxKd3LpGfs2tOxP9JjfMBjvaW33sbJxm7KHBELRMfMLPfufSpqaQXLp/2Ygj
8CN9Q3CgHtrpyo+r1hJ49c7EIROFr+GD5GjE+5eeBx4i2vv7NoFiGADHtZy4h4rj
YQVTMWjVM7pHf7OSHTJqB6t9SZDia+6j1z/84ql2LnqUooxSIscqp2no/NZ1TcRZ
9dG4WqRnp9/QL1ExS0Etq31rT2y6KCGNbIV/qpIaJjZxk/4SkUHt4tG+YVrFydhk
Kl/GKxs41Qak7DH2Z/KG5SFc1uiKBIL5pomRL3YXiHRE5w56lBWH8569twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAHY3EKTrP5wRqnmTrlgLZbV4VuMB8GA1UdIwQY
MBaAFCpJ4Q4OcJS0XrocFvljfhzsZ73GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tuaERnNXdsTFJldWh3Vy1XTi1IT3hudmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jMGJlNWYtZjg4Ny00NDBkLWIxZWQt
MmQzOGIzOTNiMTIzLzEvS2tuaERnNXdsTFJldWh3Vy1XTi1IT3hudmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jMGJlNWYtZjg4Ny00NDBkLWIxZWQtMmQzOGIzOTNiMTIz
LzEvS2tuaERnNXdsTFJldWh3Vy1XTi1IT3hudmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFqzB2es
HqdS4pOeZH+EIcFdUwlLFqe1W6Uhi8oFvlqqsKyTPNuqBDMuGQNt0MbAIBlGSkvw
bTC8HRTpJUteXSla+YVYdkpcyzL0c8CxpqfNaQ+ACU0JvanxiiQn4OLgotu0f0vK
CZml4Tw0wkODHFgv/MF6Gvkz8oqnxst8DeGlkdaugJFu2+7YpX/0E2T/jIWJ6oh0
wtYq7bT2jYD06iykj7id71cgKFJYFw0XfBTgRGqr33MFjTS15CNySkCNVI/DGAjH
scwxJ51J+M+fNh44C7P9gmhKr3IG3diRa9aXXPb3FVPCUMdJFgBKJ8rMn5yskmCP
z8MP9ZD965sklA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:49:13 2026 by rpki-client